Example 6 with Audit
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class RepositoryController method update.
@RequestMapping(value = "/{id}", method = RequestMethod.PUT, consumes = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(value = "Update the repository.", authorizations = { @Authorization("COMPONENTS_MANAGER") })
@PreAuthorize("hasAnyAuthority('ADMIN', 'COMPONENTS_MANAGER')")
@Audit
public RestResponse<Void> update(@ApiParam(value = "Id of the repository to update", required = true) @PathVariable String id, @ApiParam(value = "Request for repository update", required = true) @Valid @RequestBody UpdateRepositoryRequest updateRequest) {
Repository repository = repositoryService.getOrFail(id);
String oldName = repository.getName();
ReflectionUtil.mergeObject(updateRequest, repository);
repositoryService.updateRepository(repository, oldName, updateRequest.getConfiguration() != null);
return RestResponseBuilder.<Void>builder().build();
}
Also used :
Repository(alien4cloud.model.repository.Repository)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 7 with Audit
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class RuntimeController method executeOperation.
@ApiOperation(value = "Trigger a custom command on a specific node template of a topology .", authorizations = { @Authorization("APPLICATION_MANAGER") }, notes = "Returns a response with no errors and the command response as data in success case. Application role required [ APPLICATION_MANAGER ]")
@RequestMapping(value = "/{applicationId:.+?}/operations", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
@PreAuthorize("isAuthenticated()")
@Audit(bodyHiddenFields = { "secretProviderCredentials" })
public DeferredResult<RestResponse<Object>> executeOperation(@PathVariable String applicationId, @RequestBody @Valid OperationExecRequest operationRequest) {
final DeferredResult<RestResponse<Object>> result = new DeferredResult<>(15L * 60L * 1000L);
Application application = applicationService.getOrFail(applicationId);
ApplicationEnvironment environment = applicationEnvironmentService.getEnvironmentByIdOrDefault(applicationId, operationRequest.getApplicationEnvironmentId());
AuthorizationUtil.checkAuthorizationForEnvironment(application, environment);
Topology topology = deploymentRuntimeStateService.getRuntimeTopologyFromEnvironment(operationRequest.getApplicationEnvironmentId());
// validate the operation request
try {
validateCommand(operationRequest, topology);
} catch (ConstraintViolationException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_CONSTRAINT_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
} catch (ConstraintValueDoNotMatchPropertyTypeException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_TYPE_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
} catch (ConstraintRequiredParameterException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_REQUIRED_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
} catch (ConstraintFunctionalException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_UNKNOWN_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
}
// try to trigger the execution of the operation
try {
deploymentRuntimeService.triggerOperationExecution(operationRequest, new IPaaSCallback<Map<String, String>>() {
@Override
public void onSuccess(Map<String, String> data) {
result.setResult(RestResponseBuilder.<Object>builder().data(data).build());
}
@Override
public void onFailure(Throwable throwable) {
result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.NODE_OPERATION_EXECUTION_ERROR.getCode(), throwable.getMessage())).build());
}
});
} catch (OperationExecutionException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.NODE_OPERATION_EXECUTION_ERROR.getCode(), e.getMessage())).build());
} catch (OrchestratorDisabledException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.CLOUD_DISABLED_ERROR.getCode(), e.getMessage())).build());
}
return result;
}
Also used :
ConstraintValueDoNotMatchPropertyTypeException(org.alien4cloud.tosca.exceptions.ConstraintValueDoNotMatchPropertyTypeException)
RestResponse(alien4cloud.rest.model.RestResponse)
DeploymentTopology(alien4cloud.model.deployment.DeploymentTopology)
Topology(org.alien4cloud.tosca.model.templates.Topology)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
ConstraintFunctionalException(org.alien4cloud.tosca.exceptions.ConstraintFunctionalException)
OrchestratorDisabledException(alien4cloud.paas.exception.OrchestratorDisabledException)
RestError(alien4cloud.rest.model.RestError)
OperationExecutionException(alien4cloud.paas.exception.OperationExecutionException)
ConstraintViolationException(org.alien4cloud.tosca.exceptions.ConstraintViolationException)
Application(alien4cloud.model.application.Application)
Map(java.util.Map)
ConstraintRequiredParameterException(org.alien4cloud.tosca.exceptions.ConstraintRequiredParameterException)
DeferredResult(org.springframework.web.context.request.async.DeferredResult)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ResponseBody(org.springframework.web.bind.annotation.ResponseBody)
Example 8 with Audit
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class ServiceSecurityController method grantAccessToGroups.
/**
*****************************************************************************************************************************
*
* SECURITY ON GROUPS
*
******************************************************************************************************************************
*/
/**
* Grant access to the service resource to the groups (deploy on the location)
*
* @param serviceId The location's id.
* @param groupIds The authorized groups.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Grant access to the service resource to the groups", notes = "Only user with ADMIN role can grant access to a group.")
@RequestMapping(value = "/groups", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> grantAccessToGroups(@PathVariable String serviceId, @RequestBody String[] groupIds) {
ServiceResource service = serviceResourceService.getOrFail(serviceId);
resourcePermissionService.grantPermission(service, Subject.GROUP, groupIds);
List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(service));
return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used :
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
ServiceResource(alien4cloud.model.service.ServiceResource)
List(java.util.List)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 9 with Audit
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class LocationSecurityController method revokeGroupAccess.
/**
* Revoke the group's authorisation to access the location
*
* @param locationId The id of the location.
* @param groupId The authorized group.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the group's authorisation to access the location", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/groups/{groupId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> revokeGroupAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String groupId) {
Location location = locationService.getLocation(orchestratorId, locationId);
resourcePermissionService.revokePermission(location, Subject.GROUP, groupId);
List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(location));
return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used :
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
List(java.util.List)
Location(alien4cloud.model.orchestrators.locations.Location)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 10 with Audit
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class LocationSecurityController method grantAccessToUsers.
/**
*****************************************************************************************************************************
*
* SECURITY ON USERS
*
******************************************************************************************************************************
*/
/**
* Grant access to the location to the user (deploy on the location)
*
* @param locationId The location's id.
* @param userNames The authorized users.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Grant access to the location to the users, send back the new authorised users list", notes = "Only user with ADMIN role can grant access to another users.")
@RequestMapping(value = "/users", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<UserDTO>> grantAccessToUsers(@PathVariable String orchestratorId, @PathVariable String locationId, @RequestBody String[] userNames) {
Location location = locationService.getLocation(orchestratorId, locationId);
resourcePermissionService.grantPermission(location, Subject.USER, userNames);
List<UserDTO> users = UserDTO.convert(resourcePermissionService.getAuthorizedUsers(location));
return RestResponseBuilder.<List<UserDTO>>builder().data(users).build();
}
Also used :
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
List(java.util.List)
Location(alien4cloud.model.orchestrators.locations.Location)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
Audit (alien4cloud.audit.annotation.Audit)71
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)69
ApiOperation (io.swagger.annotations.ApiOperation)67
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)63
Application (alien4cloud.model.application.Application)27
ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)24
Location (alien4cloud.model.orchestrators.locations.Location)15
List (java.util.List)15
GroupDTO (alien4cloud.rest.orchestrator.model.GroupDTO)11
UserDTO (alien4cloud.rest.orchestrator.model.UserDTO)11
RestResponse (alien4cloud.rest.model.RestResponse)10
RequestMethod (org.springframework.web.bind.annotation.RequestMethod)9
ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)7
ResourcePermissionService (alien4cloud.authorization.ResourcePermissionService)7
IGenericSearchDAO (alien4cloud.dao.IGenericSearchDAO)7
DeploymentTopology (alien4cloud.model.deployment.DeploymentTopology)7
RestResponseBuilder (alien4cloud.rest.model.RestResponseBuilder)7
ApplicationEnvironmentAuthorizationDTO (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)7
ApplicationEnvironmentAuthorizationUpdateRequest (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)7
Subject (alien4cloud.security.Subject)7
